Improving Network Security through the IoT

Since its inception the Internet of Things (IoT) has been labelled a security risk, with enormous challenges. However, data analytics firm MicroStrategy has taken a different stance on the seemingly insurmountable security challenges traditionally affiliated with enterprise IoT. They claim that because 70 percent of security breaches are internal, the Enterprise Internet of Things (EIoT) can actually benefit security. Tim Lang, MicroStrategy CTO states that the EIot can help “monitor and prevent these breaches before they happen.”

The specific security benefits the EIoT offers are geared toward internal security risks. According to Lang, “What IoT brings to the table is a low-friction way of monitoring and tracking who’s in what system when, and sending alerts if there’s activity from unauthorized personnel or a settings change in a highly confidential system. Having this level of intelligence and support allows your team to have one eye open at all times and ensures the security of your most confidential databases.”

The Why

Lang postulates that a switch to the EIoT as a primary security tactic moves the enterprise security plan from defensive and reactive to offensive and strategic. He believes that EIoT is a stronger approach than traditional passwords, as they need to be updated on a regular basis, and present a significant security risk because they are so frequently stolen or leaked.

According to Lang, “In today’s world, enterprise organization can’t afford to constantly be playing defense, they need to be on offense. Utilizing EIoT gives companies the ability to mitigate security threats before they happen. For instance, if you’re alerted of activity in a system coming from outside the office, you can immediately see who it was, [see] what they were doing, and decide whether additional action is necessary.”

The How

The concept Lang and MicroStrategy present is fairly straightforward. Vendors create “digital twins,” or modular representations, including key attributes and metrics, of physical objects by adding sensors and other connectivity to the physical objects themselves. MicroStrategy has applied this concept to people, creating a digital badge called Usher to similarly “twin” stakeholders, including employees, vendors, and customers.

Lang says “the device projects the badge holder’s identity to the system,” and “can stream data about the person’s context and actions in real time.” This offers information to both security and other analyses.

While Usher is currently being used internally at MicroStrategy and testing its functionality with a beta group of customers, it has not been implemented without major concerns, specifically related to privacy. Also, tracking and monitoring systems have enormous potential to deplete morale, creating a long term productivity issue, especially when roles are dependent upon individual creativity and group brainstorming.

Creating even greater unease, the potential for transferring such technology into private environments, allowing comprehensive and real world tracking of large populations of individuals.